One of the major advantages with 802.1x is the user is not prompted to keep authenticating. If it is a windows machine you typically authenticate using their Active Directory credentials - automatically - without them having to do anything. Otherwwse you usually just enter the username/password once, it gets saved on the machine, and used each time. Yes, you can assign a group policy via RADIUS using the Filter-ID tag. Not sure about the logging. I've just got used to seeing the events a lot, so I ignore things that don't mention errors. If you change the users password, and you are using AD authentication, the user wont need to do anything. Otherwise the next time the user tries to authenticate it will fail and they will usually get prompted again.
... View more
